Ubuntu forums were hacked

O

ocky

Well-Known Member
Joined
Apr 6, 2007
Messages
158
Reaction score
0
Location
George W.Cape
http://ubuntuforums.org/announce.html

There has been a security breach on the Ubuntu Forums. The Canonical IS team is working hard as we speak to restore normal operations. This page will be updated regularly with progress reports.
What we know
Unfortunately the attackers have gotten every user's local username, password, and email address from the Ubuntu Forums database.
The passwords are not stored in plain text. However, if you were using the same password as your Ubuntu Forums one on another service (such as email), you are strongly encouraged to change the password on the other service ASAP.
Ubuntu One, Launchpad and other Ubuntu/Canonical services are NOT affected by the breach.
Click to expand...
 
If this is how the internet is going to end up, we can just as well start switching off now.

So tired of faaking hackers.
 
Got this email:

Hello,

You are receiving this message because you have an account registered with this address on ubuntuforums.org.

The Ubuntu forums software was compromised by an external attacker. As a result, the attacker has gained access to read your username, email address and an encrypted copy of your password from the forum database.

If you have used this password and email address to authenticate at any other website, you are urged to reset the password on those accounts immediately as the attacker may be able to use the compromised personal information to access these other accounts. It is important to have a distinct password for different accounts.

The ubuntuforums.org website is currently offline and we are working to restore this service. Please take the time to change your ubuntuforums.org account password when service is restored.

We apologize for any inconvenience to the Ubuntu community, thank you for your understanding.

The Canonical Sysadmins.
Click to expand...
 
I wish the dam forum admin would move his ass... I am tired of getting the dam sorry page.

I would have been fired if I took longer than 2 days to get a server back up and running.
 
Pretty clever hacker this. How he got the admin account details is the big issue here, so my bet is that he is a friend of one of the admins.

I'm not sure what the hacker plan on doing with the username/password details, since the password is MD5 hashed. Unless he is after something or someone specific (maybe a developer account?) I do not see someone trying to crack 1.8 million passwords.
 
I know you can hack it, my point is hacking 1.8 million account passwords will take a very long time, and for what? Access to a forum that has now been made void and nul with their new security?

Maybe someone was stupid enough to use the same password for their email and forum account, but again, 1.8 million accounts?
 
MyWorld said:
I know you can hack it, my point is hacking 1.8 million account passwords will take a very long time, and for what? Access to a forum that has now been made void and nul with their new security?

Maybe someone was stupid enough to use the same password for their email and forum account, but again, 1.8 million accounts?
Click to expand...

True. Some people also use the same passwd on other forums. I used the same passwd here for mybb but changed it, other forums I use something different and my email password is really strong.
 
The last two weeks Ive noticed a massive increase in comments on my linux based articles I have written. Mostly how-to`s. I couldnt understand why after almost a year there would be a surge in comments. I think its because the Ubuntu forums are down and people are self medicating elsewhere.
 
MyWorld said:
Maybe someone was stupid enough to use the same password for their email and forum account, but again, 1.8 million accounts?
Click to expand...

A huge number of those people will use the same username and password, this is exactly why they did it.
 
ghoti said:
The last two weeks Ive noticed a massive increase in comments on my linux based articles I have written. Mostly how-to`s. I couldnt understand why after almost a year there would be a surge in comments. I think its because the Ubuntu forums are down and people are self medicating elsewhere.
Click to expand...

Could you point me to your how to's, please?
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X